IN THE CLAIMS 



This listing of claims will replace all prior versions, and listings, of claims in the 
application: 
Listing of Claims: 

1. (Currently Amended) A method for identifying network traffic comprising: 

receiving pattern matching data; 

comparing the pattern matching data with a pattern; and 

determining whether the pattern matching data matches the pattern; 

assigning a first score to a first match if the pattern matching data matches 

the pattern: 

comparing the pattern matching data with a second pattern: and 
assigning a second score to a second match if the pattern matching data 
matches a second pattern . 

2. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern matching data includes application data. 

3. (Original) A method for identifying network traffic as recited in Claim 1, in the event that 
the pattern matching data matches the pattern, further including determining a property 
associated with the network traffic. 

4. (Original) A method for identifying network traffic as recited in Claim 1, in the event that 
the pattern matching data matches the pattern, further including determining a property 
associated with the network traffic; wherein the property is an application protocol. 

5. (Original) A method for identifying network traffic as recited in Claim 1, in the event that 
the data matches the pattern, further including determining a property associated with the data 
and assigning a score for the property. 
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6. (Original) A method for identifying network traffic as recited in Claim 1, in the event that 
the data matches the pattern, further including determining a property associated with the data; 
and applying a policy based on the property. 

7. (Original) A method for identifying network traffic as recited in Claim 1, further 
comprising assigning a score to a match if the pattern matching data matches the pattern. 

8. (Cancelled) 

9. (Currently Amended) A method for identifying network traffic as recited in Claim [[8]] i, 
further comprising determining a property associated with the traffic by comparing the first 
score and the second score. 

10. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern matching data includes a string selected from a packet. 

11. (Original) A method for identifying network traffic as recited in Claim 1, wherein pattern 
matching data includes concatenated application data of a plurality of packets. 

12. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern includes a regular expression. 

13. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern includes application protocol information. 

14. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern includes commonly used port information. 

15. (Original) A method for identifying network traffic as recited in Claim 1, in the event the 
data does not match the pattern, further comprising returning a failure indicator. 

16. (Original) A method for identifying network traffic as recited in Claim 1, wherein 
determining whether the pattern matching data matches the pattern occurs at the beginning of 
session. 
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17. (Original) A method for identifying network traffic as recited in Claim 1, wherein 
comparing the pattern matching data with a pattern is performed for each received data 

18. (Currently Amended) A method for identifying network traffic a s recited in Claim 1, 
furth e r comprising! 

receiving pattern matching data: 
comparing the pattern matching data with a pattern: 
determining whether the pattern matching data matches the pattern: and 
comparing a second pattern matching data with a second pattern, wherein 
comparing the second pattern matching data occurs substantially concurrently 
with the comparing of pattern matching data with the pattern. 

19. (Cancelled) 

20. (Currently Amended) A system for identifying network traffic comprising: 

an interface configured to receive pattern matching data; 
a processor configured to: 

compare the pattern matching data with a pattern^ and 
determine whether the pattern matching data matches the pattern^ 
assign a first score to a first match if the pattern matching data 
matches the pattern: 

compare the pattern matching data with a second pattern: and 
assign a second score to a second match if the pattern matching 
data matches a second pattern . 

21. (Currently Amended) A computer program product for identifying network traffic, the 
computer program product being embodied in a computer readable medium and comprising 
computer instructions for: 
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receiving pattern matching data; 

comparing the pattern matching data with a pattern; and 

determining whether the pattern matching data matches the pattern^ 

assigning a first score to a first match if the pattern matching data matches 

the pattern; 

comparing the pattern matching data with a second pattern; and 
assigning a second score to a second match if the pattern matching data 
matches a second pattern . 

22. (Cancelled) 
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